The Atacama Large Millimeter Array (ALMA) astronomical observatory in Chile became an unlikely target for a cyberattack this week when unknown assailants knocked its systems offline. The ALMA may not be a household name, but it has a marquee role on the international academic stage, which might explain why it was targeted.
The ALMA is a radio telescope, located 5,000 meters above sea level in the unpopulated, geoglyph-laden expanse of the Atacama Desert. There, the conditions are uniquely suited for its mission: imaging early star and planet formation, and offering clues to the origins of the universe. It's maintained in international partnership between Canada, Chile, the EU, Japan, South Korea, Taiwan, and the United States, and, built at the cost of $1.4 billion, is the most expensive terrestrial-based telescope in existence.
The attack, which happened last weekend, has forced "the suspension of astronomical observations and the public website," the observatory said in a statement on Wednesday. "There are limited email services at the observatory. ... The attack did not compromise the ALMA antennas or any scientific data. Given the nature of the episode, it is not yet possible to estimate a timeline for a return to regular activities."
At press time, portions of the website were functioning, but a banner on the site reads, "A number of ALMA online services are currently unavailable — work is in progress to remedy this situation," adding, "replying to tickets by email is currently unavailable."
While the nature of the malware used is unknown, motivations could be myriad. Scientific research is no stranger to targeting by nation-states looking for a competitive edge; and, of course, a victim of this caliber in astronomy circles is a good tool for a ransomware gang to use to burnish its Dark Web reputation.
Research telescopes have also been attacked in the past, seemingly for the lulz: In 2017, Australia's Zadko telescope was knocked offline, almost preventing it from capturing an anticipated, once-in-a-lifetime collision between two neutron stars in deep space.
Awareness that this academic sector is a target for cyberattackers is growing. Some telescopes have taken precautions, such as the National Radio Astronomy Observatory (NRAO) in Indiana, which has contracted the National Science Foundation's ResearchSOC to provide cybersecurity protection.